On Mon, Jul 14, 2008 at 12:19 PM, Scott Silva <ssilva at sgvwater.com> wrote:
>>> I just played with one of my test vmware ipcop images and set it to dhcp
>>> on
>>> our internal network (which should simulate your natted connection
>>> through
>>> your adsl modem) for the red interface and I was able to dig +trace
>>> google.com
>>> with proper answers. So it is possible to get it working unless your ISP
>>> blocks DNS queries to anywhere else but their own servers.
<snip>
> Just played with the vmware box again. It won't resolve to itself, so forget
> putting the localhost address in the dns servers box. The other box I played
> with had a secondary address as a fallback and that is why it was working.
>> I think for the dig +trace to work for you you need a box that will do full
> recursion as your upstream DNS server. I had mine pointed to our caching
> resolver and I saw the queries log there.
>> I would forget about setting nameservers in your adsl modem as I doubt it
> has a very large cache so it will expire entries quickly. If you point your
> ipcop's dns entries to opendns or another free resolver you should be good
> to go.
I have it working, with one glitch (cannot get to the IPCop web
interface from my Desktop) in the Backup IPCop box.
Yesterday, I installed a different HD, ran Diagnostics on that, ran
Memtest 86 and then did a clean install of IPCop 1.4.16 from the CD I
made last year. Last night, with some difficulty, I was able to
connect to the IPCop box with the web browser, change the settings for
SSH in it, but I could not browse. There was no resolution. This
morning, I noticed when it booted there was a message, "Bad Default
Gateway". Previously, "Default Gateway" was blank. In the IPCop box,
where it has "DNS & Gateway" settings, I have the 2 IP addresses to
access the opendns.com DNS service (they have DNS servers in 4 U.S.
cities and in London as I recall) and after I changed "Default
Gateway" to 192.168.1.1 (the ADSL modem) I was online. :-)
Not sure why I am not able to get to it via the web browser on my
Desktop. Also, last night, when I was able to access the IPCop box
with the web browser, I noticed that it is on IPCop v.1.4.16, but it
said that there are no updates available. I know there are two (2)
updates available, to bring it up to 1.4.18.
So, with your help and the help of others, all greatly appreciated, I
have a Caching DNS Server working on my IPCop box and I have also
discontinued using the problematic DNS Servers at my ISP. :-) Thanks
much, to everyone who provided ideas. and guidance!
It's running Headless now and I think the HW in that box is OK, with
the probable exception of the Floppy Drive. Once I can get to it via
the web browser, I can backup to my Desktop. dig +trace does not work
the same for me as it does for you, per your explanation.
root at ipcop500:~ # dig +trace gmail.com
; <<>> DiG 9.4.0 <<>> +trace gmail.com
;; global options: printcmd
;; Received 17 bytes from 127.0.0.1#53(127.0.0.1) in 118 ms
root at ipcop500:~ #
root at ipcop500:~ # dig gmail.com
; <<>> DiG 9.4.0 <<>> gmail.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27531
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gmail.com. IN A
;; ANSWER SECTION:
gmail.com. 30 IN A 209.85.171.83
gmail.com. 30 IN A 64.233.171.83
gmail.com. 30 IN A 64.233.161.83
;; Query time: 170 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jul 15 07:34:22 2008
;; MSG SIZE rcvd: 75
root at ipcop500:~ #